pub struct NodeProvisionRequest {
    pub root_seed: RootSeed,
    pub deploy_env: DeployEnv,
    pub network: Network,
    pub google_auth_code: Option<String>,
    pub allow_gvfs_access: bool,
    pub encrypted_seed: Option<Vec<u8>>,
}
The client sends this request to the provisioning node.
Fields
root_seed: RootSeed
The secret root seed the client wants to provision into the node.
deploy_env: DeployEnv
network: Network
google_auth_code: Option<String>
The auth code which can be used to obtain a set of GDrive credentials.
- Applicable only in staging/prod.
- If provided, the provisioning node will acquire the full set of GDrive credentials and persist them (encrypted ofc) in Lexe’s DB.
- If NOT provided, the provisioning node will attempt to use a set of GDrive credentials which have already been persisted to Lexe’s DB.
allow_gvfs_access: bool
Whether this provision instance is allowed to access the user’s
GoogleVfs. In order to ensure that different provision instances do
not overwrite each other’s updates to the GoogleVfs, this parameter
must only be true for at most one provision instance at a time.
- The mobile app must always set this to true, and must ensure that it is only (re-)provisioning one instance at a time. Node version approval and revocation (which requires mutating the GoogleVfs) can only be handled if this is set to true.
- Running nodes, which initiate root seed replication, must always set this to false, so that replicating instances will not overwrite updates made by (re-)provisioning instances.
NOTE that it is always possible that while this instance is
provisioning, the user’s node is also running. Even when this parameter
is true, the provision instance must be careful not to mutate
GoogleVfs data which can also be mutated by a running user node,
unless a persistence race between the provision and run modes is
acceptable.
See GoogleVfs::gid_cache for more info on GVFS consistency.
encrypted_seed: Option<Vec<u8>>
The password-encrypted RootSeed which can be backed up in
GDrive.
- Applicable only in staging/prod, and if GDrive is enabled.
- Requires allow_gvfs_access=true if Some; errors otherwise.
- If Some, and GDrive is enabled, the provision instance will back up this encrypted RootSeed in Google Drive. If a backup already exists, it is overwritten.
- If None, and GDrive is enabled, and we are missing a backup, provision will error.
- The mobile app should set this to Some at least on the very first provision. The mobile app can also pass None to avoid unnecessary work when it is known that the user already has a root seed backup.
- Replication (from running nodes) should always set this to None.
- We require the client to password-encrypt prior to sending the provision request to prevent leaking the length of the password. It also shifts the burden of running the 600K HMAC iterations from the provision instance to the mobile app.
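
The encrypted_seed rules above, written out as a decision function a caller could use to check a request before sending it. This is an added example, not Lexe's code: ProvisionFlags, BackupAction, ProvisionError, plan_backup and the gdrive_enabled / backup_exists inputs are hypothetical names, and checking the allow_gvfs_access requirement before the GDrive-enabled check is an assumption.

```rust
// Added illustration with hypothetical names; not Lexe's implementation.
#[derive(Debug, PartialEq)]
pub enum BackupAction {
    Skip,  // GDrive disabled: encrypted_seed is not applicable
    Write, // back up the supplied seed, overwriting any existing backup
    Keep,  // nothing supplied and a backup already exists
}

#[derive(Debug, PartialEq)]
pub enum ProvisionError {
    SeedWithoutGvfsAccess, // Some(encrypted_seed) but allow_gvfs_access=false
    MissingBackup,         // None, GDrive enabled, and no backup present
}

/// The two request fields the rules depend on (constructed stand-in).
pub struct ProvisionFlags<'a> {
    pub allow_gvfs_access: bool,
    pub encrypted_seed: Option<&'a [u8]>,
}

/// `gdrive_enabled` and `backup_exists` are supplied by the caller here.
pub fn plan_backup(
    req: &ProvisionFlags,
    gdrive_enabled: bool,
    backup_exists: bool,
) -> Result<BackupAction, ProvisionError> {
    // Assumption: this requirement is checked first, before anything else.
    if req.encrypted_seed.is_some() && !req.allow_gvfs_access {
        return Err(ProvisionError::SeedWithoutGvfsAccess);
    }
    if !gdrive_enabled {
        return Ok(BackupAction::Skip);
    }
    match (req.encrypted_seed, backup_exists) {
        (Some(_), _) => Ok(BackupAction::Write),
        (None, true) => Ok(BackupAction::Keep),
        (None, false) => Err(ProvisionError::MissingBackup),
    }
}

fn main() {
    let ct = [0u8; 16]; // constructed placeholder ciphertext
    let first = ProvisionFlags { allow_gvfs_access: true, encrypted_seed: Some(&ct[..]) };
    let replica = ProvisionFlags { allow_gvfs_access: false, encrypted_seed: None };
    println!("{:?}", plan_backup(&first, true, false));
    println!("{:?}", plan_backup(&replica, true, true));
}
```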